Active Directory Login module for Joomla, will allow Joomla sites to have Authentication using an Active Directory Federation Service(ADFS) 2.0 enabled server using the WS Federation Protocol. Using this module Joomla user accounts can be associated with an Active Directory login identity, there by Active Directory credentials can be used to login to Joomla site. <br/><br/>

+

Active Directory Login module for Joomla, will allow Joomla sites to have Authentication using an Active Directory Federation Service (ADFS) 2.0 enabled server using the WS Federation Protocol. Using this module Joomla user accounts can be associated with an Active Directory login identity, there by Active Directory credentials can be used to login to Joomla site. <br/><br/>

'''Prerequisites'''

'''Prerequisites'''

<ol>

<ol>

Line 18:

Line 18:

Joomla base url in the above is the base site url where joomla is configured. The 3 different parameters needed from Active Directory Federation Service to configure the Plugins are as follows

Joomla base url in the above is the base site url where joomla is configured. The 3 different parameters needed from Active Directory Federation Service to configure the Plugins are as follows

Once you enable this module, you will be ablve to login to Joomla sites uring your Active Directory account.

+

Once you enable this module, you will be able to login to Joomla sites using your Active Directory account which is associated with your Joomla account.

<ul>

<ul>

<li>Login to Joomla Administration Site</li>

<li>Login to Joomla Administration Site</li>

Line 95:

Line 95:

<li>ADFS Component is displayed in the Components Menu item. Currently there is no view required/implemented for this component but is displayed in Joomla 1.6.</li>

<li>ADFS Component is displayed in the Components Menu item. Currently there is no view required/implemented for this component but is displayed in Joomla 1.6.</li>

</ul>

</ul>

+

+

</ul></br>

+

'''Contact'''<br />

+

<ul>

+

<li>Email to interop@schakra.com for any issues and feedback. </li>

+

</ul>

+

+

[[Category:Server configurations]]

Latest revision as of 19:46, 26 May 2013

This document describes how to enable Active Directory authentication module for Joomla!

Introduction
Active Directory Login module for Joomla, will allow Joomla sites to have Authentication using an Active Directory Federation Service (ADFS) 2.0 enabled server using the WS Federation Protocol. Using this module Joomla user accounts can be associated with an Active Directory login identity, there by Active Directory credentials can be used to login to Joomla site.

Prerequisites

Joomla 1.5 or 1.6

PHP 5.2 with mhash & mcrypt and OpenSSL enabled.

Configure the Joomla site with https so that ADFS can communicate through SSL

Active directory federation service with Relying party trust set up to your domain/site.

Active Directory Relying Party Configuration
Active directory Relying party configuration is described in a separate document. Please refer to ADFS 2.0 Relying Party Trust Configuration
Relying party endpoint URL should be configured in the relying party configuration. This url is different for joomla 1.5 and joomla 1.6. It is as follows

Service provider (SP) identifier, this should match the SP identifier value configured in ADFS Relying party configuration.

Encryption Certificate Path (Optional Parameter)

Enter a certificate path if used to decrypt authentication responses which have been sent encrypted. This value is optional based on whether the encrypted response is configured with ADFS. Acceptable certificate format is ‘.pem’. Absolute path of the certificate file on the server should be provided.

Encryption Certificate password (Optional Parameter)

Encryption certificate password can be used in conjunction with Encryption Certificate provided. The password is the key to the certificate in such case.

Enable ‘Authentication-Active Directory’ plugin

Known Limitations

During Logout, user is not logged out from ADFS sites. So the user is expected to close the browser session to remove any Adfs cookies or tokens in the current browser session.